CVE-2014-9587 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-9587 Interim 1 4 2023-12-08T02:21:00Z current 2021-05-30T13:24:50Z 2023-12-08T02:21:00Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-9587 Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to (1) address book operations or the (2) ACL or (3) Managesieve plugins. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to (1) address book operations or the (2) ACL or (3) Managesieve plugins. CVE-2014-9587 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P